The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
By default, the switch floods packets with unknown destination MAC addresses out of all ports. If unknown unicast and multicast traffic is forwarded to a protected port, there could be security issues. To prevent unknown unicast or multicast traffic from being forwarded from one port to another, you can block a port (protected or nonprotected) from flooding unknown unicast or multicast packets to other ports.
To block flooded traffic on n interface, perform this procedure:
The interface can be a physical interface or an EtherChannel group. When you block multicast or unicast traffic for a port channel, it is blocked on all ports in the port-channel group.
| Command or Action | Purpose | |||
|---|---|---|---|---|
|
Step 1 |
enable Example: |
Enables privileged EXEC mode. Enter your password if prompted. |
||
|
Step 2 |
configure terminal Example: |
Enters global configuration mode. |
||
|
Step 3 |
interface interface-id Example: |
Specifies the interface to be configured, and enter interface configuration mode. |
||
|
Step 4 |
switchport block multicast Example: |
Blocks unknown multicast forwarding out of the port.
|
||
|
Step 5 |
switchport block unicast Example: |
Blocks unknown unicast forwarding out of the port. |
||
|
Step 6 |
end Example: |
Returns to privileged EXEC mode. |
||
|
Step 7 |
show interfaces interface-id switchport Example: |
Verifies your entries. |
||
|
Step 8 |
show running-config Example: |
Verifies your entries. |
||
|
Step 9 |
copy running-config startup-config Example: |
(Optional) Saves your entries in the configuration file. |
|
Command |
Purpose |
|---|---|
|
show interfaces [interface-id] switchport |
Displays the administrative and operational status of all switching (nonrouting) ports or the specified port, including port blocking and port protection settings. |
This table provides release and related information for features explained in this module.
These features are available on all releases subsequent to the one they were introduced in, unless noted otherwise.
|
Release |
Feature |
Feature Information |
|---|---|---|
|
Cisco IOS Release 15.2(7)E1 |
Port Blocking |
To prevent unknown unicast or multicast traffic from being forwarded from one port to another, you can block a port (protected or nonprotected) from flooding unknown unicast or multicast packets to other ports. |
Use Cisco Feature Navigator to find information about platform and software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn.
Feedback